Cloud services for storage, computing services, and collaboration platforms are becoming more relevant, important, and pervasive. However, cloud services also introduce new security threats with respect to the confidentiality and integrity of the data outsourced thereto. Customers of cloud services may lose control over their data and how it is processed or stored. Loss of control over user data has been identified as one of the main obstacles standing in the way of increased adoption of cloud services by users.
Cloud services customers may not trust cloud services providers to encrypt their data due to fear of insider attacks. On the other hand, client-side encryption involves complicated key management and is often vulnerable when such key management fails and the key is leaked, e.g., due to a weak password. Therefore, existing cloud storage services in which simply user data is encrypted and the encryption keys are retained by the user may not afford adequate levels of security.
Furthermore, many cloud services providers currently do not provide service level agreement (SLA) guaranteeing data storage reliability. Currently, integrity and retrievability are not measurable and verifiable metrics for cloud storage services. Additionally, storage efficiency is not a tunable factor for current cloud storage solutions. Cost-saving data deduplication is not supported alongside client-side encryption. Moreover, the cloud cannot provide verifiable duplication of data on behalf of users who desire extra data replication.
State of the art technologies provide individual solutions to each of the above mentioned shortcomings of cloud services. For example, US Patent Application Publication No. 2016/0147471 A1 and U.S. Patent Application Publication No. 2016/087790 A1 use gateways to provide only confidentiality for cloud storage. PCT Publication No. WO 2015/173434 A1 gives a solution for proofs of retrievability and PCT Publication No. WO 2016/180495 describes proofs of retrievability on data replications. PCT Publication No. WO 2016/128070 and Chinese Patent Application Publication CN105939191 A describe de-duplication technology for encrypted data.